Publicité
Publicité
Format du document : text/plain
Prévisualisation
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 03-08-2016
Ran by Bouhafsi (2016-08-03 20:36:08)
Running from C:\Users\Bouhafsi\Desktop
Microsoft Windows 7 Professional Service Pack 1 (X86) (2015-07-22 11:27:17)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrateur (S-1-5-21-3481782987-2517284933-296613505-500 - Administrator - Disabled)
Bouhafsi (S-1-5-21-3481782987-2517284933-296613505-1000 - Administrator - Enabled) => C:\Users\Bouhafsi
Invité (S-1-5-21-3481782987-2517284933-296613505-501 - Limited - Disabled) => C:\Users\Invité
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Kaspersky Anti-Virus (Disabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AS: Kaspersky Anti-Virus (Disabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Anti-Virus (Disabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
«Euro Truck Simulator 2» v.1.4.8s (HKLM\...\«Euro Truck Simulator 2»_is1) (Version: - )
µTorrent (HKLM\...\uTorrent) (Version: 2.0.3 - )
3alam arriyadiat 1.2 (HKLM\...\3alam arriyadiat) (Version: - )
7-Zip 4.65 (HKLM\...\7-Zip) (Version: - )
Adobe AIR (HKLM\...\Adobe AIR) (Version: 17.0.0.124 - Adobe Systems Incorporated)
Adobe Audition 1.5 (HKLM\...\{86EF9FC4-F209-4520-B7E1-C7FF0EEBDFFF}) (Version: 1.5 - Adobe Systems)
Adobe Flash Player 22 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 22.0.0.192 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.5 (HKLM\...\{9A9F7268-3899-4443-B071-B332493925AA}) (Version: 11.5.6.606 - Adobe Systems, Inc)
Assistant GT v1 (HKLM\...\Assistant GT_is1) (Version: - )
Aurora 19.0a2 (x86 ar) (HKLM\...\Aurora 19.0a2 (x86 ar)) (Version: 19.0a2 - Mozilla)
AutoPlay Media Studio 8 (HKLM\...\AutoPlay Media Studio 8) (Version: 8.5.0.0 - Indigo Rose Corporation)
Ayat (HKLM\...\sa.edu.ksa.ayat) (Version: 1.4 - UNKNOWN)
Ayat (Version: 1.4 - UNKNOWN) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 3.26 - Piriform)
Chedot (HKU\S-1-5-21-3481782987-2517284933-296613505-1000\...\Chedot) (Version: 48.0.2564.504 - Chedot Publisher)
Creative Pack Volume 1 (HKLM\...\{05181A78-3BA6-4B63-BCE8-888A4BCAACFA}) (Version: 3.0.2 - Corel Corporation)
Daum PotPlayer 1.5.34665 (HKLM\...\PotPlayer) (Version: - )
Dazzle Video Capture DVC100 X86 Driver 1.08 (HKLM\...\{42CDC6B7-1B50-44A8-83AD-1351FDDF175A}) (Version: 1.08.0000 - Pinnacle)
DLL-Files.com Client (HKLM\...\DA71BA65-680A-4212-9150-6239217B53DC_DLL-Files.c~79141F26_is1) (Version: 2.1.1000.4243 - DLL-Files.com Client)
Euro Truck Simulator 2 (HKLM\...\{1B705E8F-9893-4486-B5D7-4F7FEB9C871E}_is1) (Version: 1.1.1 - SCS Software)
Facebook Video Calling 3.1.0.521 (HKLM\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Fly on Desktop Screensaver 1.2 (HKLM\...\Fly on Desktop Screensaver_is1) (Version: - Drive Software Company)
FormatFactory 2.20 (HKLM\...\FormatFactory) (Version: 2.20 - Free Time)
Foxit Reader (HKLM\...\Foxit Reader_is1) (Version: 6.0.2.413 - Foxit Corporation)
Free PDF to Word Doc Converter v1.1 (HKLM\...\Free PDF to Word Doc Converter_is1) (Version: 1.1 - www.hellopdf.com)
Google Chrome (HKLM\...\Google Chrome) (Version: 51.0.2704.103 - Google Inc.)
Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.31.5 - Google Inc.) Hidden
Google Earth (HKLM\...\{6F545E5E-4595-11E2-93B6-B8AC6F97B88E}) (Version: 7.0.2.8415 - Google)
GT 7 OrbChanger v1 (HKLM\...\GT 7 OrbChanger_is1) (Version: - )
Hollywood FX Volumes 1-3 (HKLM\...\{E3D181F8-246B-497F-945E-6DB98CBA6677}) (Version: 2.0.1 - Corel Corporation)
HSPA USB Modem (HKLM\...\InstallShield_{06ADE2A0-E46A-4A84-A211-64CF50520185}) (Version: 1.0 - اسم شركتك)
HSPA USB Modem (Version: 1.0 - اسم شركتك) Hidden
iZotope Music & Speech Cleaner (HKLM\...\iZotope Music & Speech Cleaner_is1) (Version: 1.00 - iZotope, Inc.)
Java(TM) 6 Update 18 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216018FF}) (Version: 6.0.180 - Sun Microsystems, Inc.)
Kaspersky Anti-Virus (HKLM\...\InstallWIX_{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26}) (Version: 16.0.0.614 - Kaspersky Lab)
Kaspersky Anti-Virus (Version: 16.0.0.614 - Kaspersky Lab) Hidden
Malwarebytes Anti-Malware النسخة 2.2.1.1043 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Maxthon Cloud Browser (HKLM\...\Maxthon3) (Version: 4.0.3.3000 - Maxthon International Limited)
Metric Collection SDK 35 (Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office Professional Plus 2007 (HKLM\...\PROPLUS) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.50401.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x86 8.0.61001 (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{b55f7208-e02b-4828-ac78-59c73ddf5bc7}) (Version: 12.0.30501.0 - Корпорация Майкрософт)
MOBICONNECT (HKLM\...\{BCE97917-E58C-41FA-9B53-859E3FDCE924}) (Version: 1.0.0.2 - ZTE Corporation)
MobiConnect (HKLM\...\MobiConnect) (Version: 23.009.17.00.216 - Huawei Technologies Co.,Ltd)
Mobile Broadband HL Service (HKLM\...\Mobile Broadband HL Service) (Version: 22.001.26.01.03 - Huawei Technologies Co.,Ltd)
Mozilla Firefox (fr) (HKLM\...\{64A22291-279E-4050-BABD-C44E61FA4226}) (Version: 3.6.0.0 - FrontMotion)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 19.0a2 - Mozilla)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NewBlue Effects (HKLM\...\{B2609714-EECB-43B8-9DFC-3CBF34C5F92D}) (Version: 2.0.0 - Corel Corporation)
Package de pilotes Windows - Qualcomm Atheros Communications Inc. (athr) Net (03/31/2014 10.0.0.288) (HKLM\...\3B5A3D28E20A4A5A273A03F80EE99DFA1B1CFDE7) (Version: 03/31/2014 10.0.0.288 - Qualcomm Atheros Communications Inc.)
Package de pilotes Windows - Realtek (RTL8167) Net (07/16/2014 7.089.0716.2014) (HKLM\...\24CA17BAB3F954B1A833B29A63A2948537742F75) (Version: 07/16/2014 7.089.0716.2014 - Realtek)
Paint.NET v3.5.4 (HKLM\...\{053B3DA8-91B5-4682-A130-715412A1A252}) (Version: 3.54.0 - dotPDN LLC)
PhotoScape (HKLM\...\PhotoScape) (Version: - )
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.)
Pinnacle Studio 19 - Install Manager (HKLM\...\{891ED714-E54D-4BE1-8DE8-4EE54D9BB402}) (Version: 19.1.10160 - Corel Corporation)
Pinnacle Studio 19 - Standard Content Pack (HKLM\...\{37D4E0DC-B765-4915-86D8-A39433A87B75}) (Version: 19.0 - Corel Corporation)
Pinnacle Studio 19 (HKLM\...\{CF91A83C-B84F-43CE-BCCE-7247E6137173}) (Version: 19.0.1.10160 - Corel Corporation)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7484 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.34 - Piriform)
RogueKiller version 12 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 12 - Adlice Software)
ScoreFitter Volumes 1-2 (HKLM\...\{0FDA9ECA-6DA3-480E-B7A9-76F353AF6B6C}) (Version: 2.0.1 - Corel Corporation)
SHAREit (HKLM\...\SHAREit_is1) (Version: 3.4.0.675 - Lenovo)
Snagit 10.0.1 (HKLM\...\{22FC7536-BE5C-4E88-8069-C24689D34EC5}) (Version: 10.0.1 - TechSmith Corporation)
SuperCopier2 (HKLM\...\SuperCopier2) (Version: - )
TeamViewer 10 (HKLM\...\TeamViewer) (Version: 10.0.36897 - TeamViewer)
Title Extreme (HKLM\...\{F7214014-27EE-4237-9978-2F9D1551559B}) (Version: 2.0.1 - Corel Corporation)
Tweaker GT v1 (HKLM\...\Tweaker GT_is1) (Version: - )
Tweaking.com - Windows Repair (HKLM\...\Tweaking.com - Windows Repair) (Version: 3.6.1 - Tweaking.com)
Tweaks.com Logon Changer (HKLM\...\{12F8EFF0-5C16-473B-99AD-67AB866C3E07}) (Version: 2.0.0 - Advanced PC Media LLC)
Uninstall Tool (HKLM\...\Uninstall Tool_is1) (Version: 3.4.3 - CrystalIDEA Software, Inc.)
VLC media player 2.0.3 (HKLM\...\VLC media player) (Version: 2.0.3 - VideoLAN)
WebcamMax (HKLM\...\WebcamMax) (Version: 7.8.1.6.MultiLanguage - )
WinHTTrack Website Copier 3.44-1 (HKLM\...\WinHTTrack Website Copier_is1) (Version: 3.44.1 - HTTrack)
WinRAR archiver (HKLM\...\WinRAR archiver) (Version: 5.20.1 - win.rar GmbH)
ZDServer (HKLM\...\{C8197F5F-E0DC-44f1-8AF2-1AA5A84F695D}) (Version: 1.0.1.2 - ZTE Corporation)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3481782987-2517284933-296613505-1000_Classes\CLSID\{0002DF01-0000-0000-C000-000000000046}\localserver32 -> C:\Program Files\Maxthon\Bin\Maxthon.exe (Maxthon International ltd.)
CustomCLSID: HKU\S-1-5-21-3481782987-2517284933-296613505-1000_Classes\CLSID\{08244EE6-92F0-47F2-9FC9-929BAA2E7235}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3481782987-2517284933-296613505-1000_Classes\CLSID\{1F486A52-3CB1-48FD-8F50-B8DC300D9F9D}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3481782987-2517284933-296613505-1000_Classes\CLSID\{1FD1FE74-9E3C-4C1C-AEEB-AAB592AD770F}\localserver32 -> C:\Users\Bouhafsi\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-3481782987-2517284933-296613505-1000_Classes\CLSID\{4E77131D-3629-431C-9818-C5679DC83E81}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3481782987-2517284933-296613505-1000_Classes\CLSID\{5E71E4F3-E8C7-4906-9626-973E418762B6}\InprocServer32 -> C:\Users\Bouhafsi\AppData\Local\Facebook\Update\1.2.205.0\goopdate.dll (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-3481782987-2517284933-296613505-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> "C:\Windows\system32\igfxEM.exe" => No File
CustomCLSID: HKU\S-1-5-21-3481782987-2517284933-296613505-1000_Classes\CLSID\{8B9F5BF4-0407-4BB2-9FED-4C0372DABD00}\localserver32 -> C:\Users\Bouhafsi\AppData\Local\Facebook\Video\Skype\FacebookVideoCallingProxy.exe (Skype Limited)
CustomCLSID: HKU\S-1-5-21-3481782987-2517284933-296613505-1000_Classes\CLSID\{91B16656-8566-41AB-8D94-04D33E5F21D9}\localserver32 -> C:\Users\Bouhafsi\AppData\Local\Chedot\Application\48.0.2564.504\delegate_execute.exe (The Chedot Authors)
CustomCLSID: HKU\S-1-5-21-3481782987-2517284933-296613505-1000_Classes\CLSID\{CBE9C57E-FFA9-4123-8354-AD360D6DD3CC}\InprocServer32 -> C:\Users\Bouhafsi\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CustomCLSID: HKU\S-1-5-21-3481782987-2517284933-296613505-1000_Classes\CLSID\{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}\InprocServer32 -> no filepath
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {017A0E29-E17A-4C8D-962B-0729FA36B540} - System32\Tasks\Maxthon Update => C:\Program Files\Maxthon\Bin\mxup.exe [2015-05-08] (Maxthon International ltd.)
Task: {0C5C2A85-6BBB-42FC-815A-20EC16526970} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {216707AC-921D-4B43-80AA-D260864AF9AA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {2C59ECAF-3A27-4640-9F4B-519B05BDD70F} - \Microsoft\Windows\MUI\LPRemove -> No File <==== ATTENTION
Task: {4F9FAA31-CFF0-4B66-AEAD-D6B70FD026C7} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3481782987-2517284933-296613505-1000Core => C:\Users\Bouhafsi\AppData\Local\Facebook\Update\FacebookUpdate.exe [2016-03-25] (Facebook Inc.)
Task: {845BC814-5F02-4620-9FC8-E37EF1DE0AE3} - System32\Tasks\{315C967B-5FFD-4A71-B8F3-B2EC89C79535} => pcalua.exe -a "E:\Camera\جوى الاعاب\Gta San Andreas UP By IsSaM GfX\setup.exe" -d "E:\Camera\جوى الاعاب\Gta San Andreas UP By IsSaM GfX"
Task: {93CE1557-2CC6-4ED6-A183-2C0A68397561} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: {B7C5B7A8-9333-4898-8067-EEC0F54F9DEA} - System32\Tasks\{CB7CD008-F57B-4144-B937-6B949E9DF670} => pcalua.exe -a D:\برامج\QQPlayer_Setup_Arabic_2.exe -d D:\برامج
Task: {C620C951-1662-4C94-A483-C6CE558A0D4F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-12-19] (Piriform Ltd)
Task: {CABAD887-CCB4-4978-9F84-009365D78223} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe
Task: {E0A57EDB-E173-4DDB-BB18-AF0448D5A6CD} - System32\Tasks\{49930226-118D-485B-88EF-A8E4A6444CCD} => pcalua.exe -a D:\برامج\QQPlayer_Setup_1.0.280.202.p1.exe -d D:\برامج
Task: {E58FE08F-61D8-4663-8473-7CCDA97316F3} - System32\Tasks\{02DD9659-373D-435A-9F16-9DE2F0646EF2} => pcalua.exe -a "D:\Users\Abdelghani Bouhafsi\Saved Games\العاب\GTA.III.exe" -d "D:\Users\Abdelghani Bouhafsi\Saved Games\العاب"
Task: {E8E65C26-6BCA-48B7-8968-7EDC571BDE3B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-06-27] (Adobe Systems Incorporated)
Task: {E8EAC9DC-A75F-4D5A-A3A2-C1EA819C7A7A} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3481782987-2517284933-296613505-1000UA => C:\Users\Bouhafsi\AppData\Local\Facebook\Update\FacebookUpdate.exe [2016-03-25] (Facebook Inc.)
Task: {F61D3CB9-EB3D-4D57-BC47-605D398FC1EE} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 35 => C:\Program Files\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3481782987-2517284933-296613505-1000Core.job => C:\Users\Bouhafsi\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3481782987-2517284933-296613505-1000UA.job => C:\Users\Bouhafsi\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\RunUninstallTool_SkipUac.job => C:\Program Files\Uninstall Tool\UninstallTool.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Bouhafsi\Desktop\ملفات سطح المكتب\MOBICONNECT.lnk -> C:\Program Files\Hostless Modem\MOBICONNECT\LaunchWebUI.exe () -> hxxp://m.home/
==================== Loaded Modules (Whitelisted) ==============
2013-04-10 07:58 - 2013-04-10 07:58 - 00276048 _____ () C:\ProgramData\DatacardService\HWDeviceService.exe
2016-08-02 21:04 - 2013-11-14 11:39 - 00656976 _____ () C:\ProgramData\MobiConnect\OnlineUpdate\ouc.exe
2016-08-02 21:04 - 2009-01-10 20:32 - 00011362 _____ () C:\ProgramData\MobiConnect\OnlineUpdate\mingwm10.dll
2016-08-02 21:04 - 2009-06-23 04:42 - 00043008 _____ () C:\ProgramData\MobiConnect\OnlineUpdate\libgcc_s_dw2-1.dll
2016-08-02 21:04 - 2012-10-31 11:11 - 02417152 _____ () C:\ProgramData\MobiConnect\OnlineUpdate\QtCore4.dll
2016-08-02 21:04 - 2012-10-31 11:14 - 01148416 _____ () C:\ProgramData\MobiConnect\OnlineUpdate\QtNetwork4.dll
2016-08-02 21:04 - 2013-11-14 11:39 - 00839680 _____ () C:\ProgramData\MobiConnect\OnlineUpdate\QueryStrategy.dll
2016-08-02 21:04 - 2012-10-31 11:11 - 00398336 _____ () C:\ProgramData\MobiConnect\OnlineUpdate\QtXml4.dll
2015-07-22 14:08 - 2010-03-15 12:28 - 00141824 _____ () C:\Program Files\WinRAR\rarext.dll
2015-07-22 13:43 - 2010-03-12 00:47 - 00043589 _____ () C:\Windows\system32\GTShell.dll
2016-01-01 11:33 - 2012-10-16 07:20 - 00258944 _____ () C:\Program Files\Maxthon\bin\Maxzlib.dll
2016-01-01 11:33 - 2013-01-30 12:21 - 00368440 _____ () C:\Program Files\Maxthon\Addons\CloudsSvc\MxCloudsSvc.dll
2016-01-01 11:33 - 2012-10-16 07:20 - 00258944 _____ () C:\Program Files\Maxthon\Bin\maxzlib.dll
2016-01-01 11:33 - 2012-12-06 12:02 - 03522336 _____ () C:\Program Files\Maxthon\Core\Webkit\avcodec-54.dll
2016-01-01 11:33 - 2012-12-06 12:02 - 00304960 _____ () C:\Program Files\Maxthon\Core\Webkit\avutil-51.dll
2016-01-01 11:33 - 2012-12-06 12:02 - 00452712 _____ () C:\Program Files\Maxthon\Core\Webkit\avformat-54.dll
2016-01-01 11:33 - 2013-01-25 06:50 - 14586808 _____ () C:\Program Files\Maxthon\Core\Webkit\Npplugins\NPSWF32.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:04 - 2015-10-30 18:54 - 00000835 ____N C:\Windows\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3481782987-2517284933-296613505-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Bouhafsi\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: gusvc => 3
MSCONFIG\Services: Lenovo EasyPlus Hotspot => 3
MSCONFIG\Services: Mobile Broadband HL Service => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: ShareItSvc => 3
MSCONFIG\Services: TeamViewer => 2
MSCONFIG\Services: VMware NAT Service => 2
MSCONFIG\Services: VMwareHostd => 2
MSCONFIG\Services: ZDServ => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AntiUsbWormUpdate.lnk => C:\Windows\pss\AntiUsbWormUpdate.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AntiWormUpdate.lnk => C:\Windows\pss\AntiWormUpdate.lnk.CommonStartup
MSCONFIG\startupreg: amzwfzdxrn => wscript.exe //B "C:\Users\Bouhafsi\AppData\Local\Temp\amzwfzdxrn.vbs"
MSCONFIG\startupreg: AntiUsbWorm => C:\Windows\system32\cmd.exe /c start C:\Google\AutoIt3.exe /AutoIt3ExecuteScript C:\Google\googleupdate.a3x & exit
MSCONFIG\startupreg: DesktopIconToy => C:\Program Files\Desktop Icon Toy\DesktopIconToy.exe
MSCONFIG\startupreg: MxDock => C:\Program Files\Maxthon\Modules\MxDock\MxDock.exe
MSCONFIG\startupreg: RTHDVCPL => "C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe" -s
MSCONFIG\startupreg: Speech Recognition => "C:\Windows\Speech\Common\sapisvr.exe" -SpeechUX -Startup
MSCONFIG\startupreg: SuperCopier2.exe => C:\Program Files\SuperCopier2\SuperCopier2.exe
MSCONFIG\startupreg: UCam_Menu => "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\3.0"
MSCONFIG\startupreg: vmware-tray.exe => "C:\Program Files\VMware\VMware Workstation\vmware-tray.exe"
MSCONFIG\startupreg: YouCam Mirror Tray icon => "C:\Program Files\CyberLink\YouCam\YouCamTray.exe" /s
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{278210DE-2455-4A76-8700-143B18E403F1}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{877AAB40-8999-45F9-AEEB-0320E5D3D6B6}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{EB917FCE-6484-45DA-8F58-34F608D26A49}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{C8629BC6-F352-457D-A39A-3D1F9B17EFA7}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [PotPlayer(PotPlayerMini.exe)] => (Allow) C:\Program Files\Daum\PotPlayer\PotPlayerMini.exe
FirewallRules: [{9E666086-E908-4B4A-8E1E-E04DFB5F157C}] => (Allow) C:\Program Files\Daum\PotPlayer\PotPlayerMini.exe
FirewallRules: [{8452B808-E51B-411D-A845-2AC4BABBC395}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [TCP Query User{1D2A5EBB-E80E-4D88-81C5-DEB7C2381C21}D:\program files\aurora\firefox.exe] => (Allow) D:\program files\aurora\firefox.exe
FirewallRules: [UDP Query User{3EFC64EA-B3E3-4A63-8008-93D4A16EAD0E}D:\program files\aurora\firefox.exe] => (Allow) D:\program files\aurora\firefox.exe
FirewallRules: [{8245C501-C40D-4663-9DB3-728E7C9A462A}] => (Allow) C:\Program Files\Maxthon\Bin\Maxthon.exe
FirewallRules: [{D130D978-C132-43C8-AAF0-96A64FD3D8D8}] => (Allow) C:\Program Files\Maxthon\Bin\Maxthon.exe
FirewallRules: [{4E94B7DD-1BD1-4B6B-A53D-74146C6F0F44}] => (Allow) C:\Program Files\Maxthon\Bin\MxUp.exe
FirewallRules: [{587B8977-CAFB-4E3E-8F74-A9CB74B706DC}] => (Allow) C:\Program Files\Maxthon\Bin\MxUp.exe
FirewallRules: [{F76CA289-1C83-4566-8D29-6F79BD23219F}] => (Allow) C:\Program Files\SHAREit\SHAREit\SHAREit.exe
FirewallRules: [{E2031F6D-1086-48EB-82C4-A1283CCE153B}] => (Allow) C:\Program Files\SHAREit\SHAREit\SHAREit.exe
FirewallRules: [{6039EEB0-C78E-40E9-8E4F-0EEFDEEFDC20}] => (Allow) C:\Users\Bouhafsi\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe
FirewallRules: [{2CB27974-43D2-4CF3-ABC2-371344CAE213}] => (Allow) C:\Users\Bouhafsi\AppData\Local\Chedot\Application\chedot.exe
FirewallRules: [{A2F3A852-B226-473C-81A4-1EF0A0625CC3}] => (Allow) C:\Program Files\uTorrent\uTorrent.exe
FirewallRules: [{1A5E723F-7522-44C3-8327-5A4AC2BFB62F}] => (Allow) C:\Program Files\uTorrent\uTorrent.exe
FirewallRules: [{7927BD9B-76B0-468A-A8D0-720CC3C6F62E}] => (Allow) C:\Program Files\Pinnacle\Studio 19\programs\RM.exe
FirewallRules: [{47956894-8E61-4E51-B018-EA58DB524331}] => (Allow) C:\Program Files\Pinnacle\Studio 19\programs\RM.exe
FirewallRules: [{828C112A-AF83-446A-81FF-26FC737AF1B4}] => (Allow) C:\Program Files\Pinnacle\Studio 19\programs\NGStudio.exe
FirewallRules: [{C4011BE1-E33A-4130-A807-999EEE184433}] => (Allow) C:\Program Files\Pinnacle\Studio 19\programs\NGStudio.exe
FirewallRules: [{F8E1742D-D60F-44FC-85CB-CE9DC4D049EB}] => (Allow) C:\Program Files\Pinnacle\Studio 19\programs\UMI.exe
FirewallRules: [{536DA596-65A3-42D6-B73F-3A1F3DCC30DC}] => (Allow) C:\Program Files\Pinnacle\Studio 19\programs\UMI.exe
FirewallRules: [{92180698-2525-4868-B04B-2C5AD9D7163C}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
==================== Restore Points =========================
18-07-2016 19:02:40 نقطة التدقيق المجدولة
27-07-2016 18:34:04 نقطة التدقيق المجدولة
==================== Faulty Device Manager Devices =============
Name: Contrôleur d'hôte extensible Intel(R) USB 3.0
Description: Contrôleur d'hôte extensible Intel(R) USB 3.0
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Intel(R) Corporation
Service: iusb3xhc
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: وحدة تحكم تشفير/إلغاء تشفير PCI
Description: وحدة تحكم تشفير/إلغاء تشفير PCI
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (08/03/2016 06:51:49 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: توقف البرنامج Explorer.EXE الإصدار 6.1.7601.17514 عن التفاعل مع Windows وتم إغلاقه. لمعرفة ما إذا كان يتوفر مزيد من المعلومات حول المشكلة، قم بالاطلاع على محفوظات المشكلة في "مركز الصيانة" من لوحة التحكم.
معرّف العملية: 9f0
وقت بدء التشغيل: 01d1eda3f8816132
وقت الإنهاء: 43
مسار التطبيق: C:\Windows\Explorer.EXE
معرف التقرير: 52d2ec3f-599a-11e6-ada2-201a06e1383f
Error: (08/02/2016 09:09:01 PM) (Source: Google Update) (EventID: 20) (User: Bouhafsi-PC)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http s
Error: (08/02/2016 08:58:34 PM) (Source: Google Update) (EventID: 20) (User: Bouhafsi-PC)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http s
Error: (08/02/2016 12:17:37 PM) (Source: Desktop Window Manager) (EventID: 9020) (User: )
Description: واجهت "إدارة نافذة سطح المكتب" خطأً فادحًا (0x80070008)
Error: (08/02/2016 12:03:18 PM) (Source: Google Update) (EventID: 20) (User: Bouhafsi-PC)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http s
Error: (08/01/2016 12:56:05 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: فشل إنشاء سياق التنشيط لـ "Avid.vfcore,processorArchitecture="*",type="win32",version="1.0.0.0"1".
تعذر العثور على التجميع Avid.vfcore,processorArchitecture="*",type="win32",version="1.0.0.0" التابع.
الرجاء استخدام sxstrace.exe للحصول على تشخيص مفصل.
Error: (08/01/2016 12:28:53 PM) (Source: Google Update) (EventID: 20) (User: Bouhafsi-PC)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http s
Error: (08/01/2016 12:21:30 PM) (Source: Google Update) (EventID: 20) (User: Bouhafsi-PC)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http s
Error: (07/31/2016 07:00:02 PM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: لم تكتمل عملية النسخ الاحتياطي بسبب حدوث خطأ أثناء الكتابة إلى موقع النسخ الاحتياطي G:\. الخطأ: يتعذر العثور على موقع النسخ الاحتياطي أو أنه غير صحيح. راجع إعدادات النسخ الاحتياطي وتحقق من موقع النسخ الاحتياطي. (0x81000006).
Error: (07/31/2016 02:21:05 PM) (Source: Google Update) (EventID: 20) (User: Bouhafsi-PC)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http s
System errors:
=============
Error: (08/03/2016 06:25:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: فشل بدء تشغيل الخدمة ProductAgentService بسبب الخطأ التالي:
%%2 = يتعذر على النظام العثور على الملف المحدد.
Error: (08/03/2016 06:25:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: فشل بدء تشغيل الخدمة MobiConnect. OUC بسبب الخطأ التالي:
%%1053 = لم تستجب الخدمة لبدء التشغيل أو لطلب عنصر التحكم في الوقت المناسب.
Error: (08/03/2016 06:25:11 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: تم الوصول إلى نهاية المهلة (30000 مللي ثانية) أثناء انتظار اتصال الخدمة MobiConnect. OUC.
Error: (08/03/2016 06:25:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: فشل بدء تشغيل الخدمة ESET Service بسبب الخطأ التالي:
%%2 = يتعذر على النظام العثور على الملف المحدد.
Error: (08/03/2016 06:25:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: فشل بدء تشغيل الخدمة avast! Firewall بسبب الخطأ التالي:
%%2 = يتعذر على النظام العثور على الملف المحدد.
Error: (08/03/2016 06:25:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: فشل بدء تشغيل الخدمة avast! Antivirus بسبب الخطأ التالي:
%%2 = يتعذر على النظام العثور على الملف المحدد.
Error: (08/02/2016 10:48:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: فشل بدء تشغيل الخدمة ProductAgentService بسبب الخطأ التالي:
%%2 = يتعذر على النظام العثور على الملف المحدد.
Error: (08/02/2016 10:48:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: فشل بدء تشغيل الخدمة MobiConnect. OUC بسبب الخطأ التالي:
%%1053 = لم تستجب الخدمة لبدء التشغيل أو لطلب عنصر التحكم في الوقت المناسب.
Error: (08/02/2016 10:48:53 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: تم الوصول إلى نهاية المهلة (30000 مللي ثانية) أثناء انتظار اتصال الخدمة MobiConnect. OUC.
Error: (08/02/2016 10:48:51 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: فشل بدء تشغيل الخدمة ESET Service بسبب الخطأ التالي:
%%2 = يتعذر على النظام العثور على الملف المحدد.
CodeIntegrity:
===================================
Date: 2016-08-02 09:45:46.207
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-08-02 09:45:46.192
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-08-02 09:45:46.192
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-08-02 09:45:46.176
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-08-02 09:45:46.161
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-08-02 09:45:46.161
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-08-02 09:45:46.129
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\KLELAMX86\klelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-08-02 09:45:46.114
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\KLELAMX86\klelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-08-02 09:45:46.114
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\KLELAMX86\klelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-08-02 09:45:46.098
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\KLELAMX86\klelam.sys because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: Intel(R) Pentium(R) CPU N3520 @ 2.16GHz
Percentage of memory in use: 74%
Total physical RAM: 1934.36 MB
Available physical RAM: 491.14 MB
Total Virtual: 3868.73 MB
Available Virtual: 1710.14 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:172.69 GB) (Free:118.33 GB) NTFS
Drive d: (bouhafsi Sbaa) (Fixed) (Total:145.51 GB) (Free:65.49 GB) NTFS
Drive e: (Abdelghani Sbaà) (Fixed) (Total:147.46 GB) (Free:21.08 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: C4F6DFFB)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=172.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=147.5 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=145.5 GB) - (Type=OF Extended)
==================== End of Addition.txt ============================
Ran by Bouhafsi (2016-08-03 20:36:08)
Running from C:\Users\Bouhafsi\Desktop
Microsoft Windows 7 Professional Service Pack 1 (X86) (2015-07-22 11:27:17)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrateur (S-1-5-21-3481782987-2517284933-296613505-500 - Administrator - Disabled)
Bouhafsi (S-1-5-21-3481782987-2517284933-296613505-1000 - Administrator - Enabled) => C:\Users\Bouhafsi
Invité (S-1-5-21-3481782987-2517284933-296613505-501 - Limited - Disabled) => C:\Users\Invité
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Kaspersky Anti-Virus (Disabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AS: Kaspersky Anti-Virus (Disabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Anti-Virus (Disabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
«Euro Truck Simulator 2» v.1.4.8s (HKLM\...\«Euro Truck Simulator 2»_is1) (Version: - )
µTorrent (HKLM\...\uTorrent) (Version: 2.0.3 - )
3alam arriyadiat 1.2 (HKLM\...\3alam arriyadiat) (Version: - )
7-Zip 4.65 (HKLM\...\7-Zip) (Version: - )
Adobe AIR (HKLM\...\Adobe AIR) (Version: 17.0.0.124 - Adobe Systems Incorporated)
Adobe Audition 1.5 (HKLM\...\{86EF9FC4-F209-4520-B7E1-C7FF0EEBDFFF}) (Version: 1.5 - Adobe Systems)
Adobe Flash Player 22 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 22.0.0.192 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.5 (HKLM\...\{9A9F7268-3899-4443-B071-B332493925AA}) (Version: 11.5.6.606 - Adobe Systems, Inc)
Assistant GT v1 (HKLM\...\Assistant GT_is1) (Version: - )
Aurora 19.0a2 (x86 ar) (HKLM\...\Aurora 19.0a2 (x86 ar)) (Version: 19.0a2 - Mozilla)
AutoPlay Media Studio 8 (HKLM\...\AutoPlay Media Studio 8) (Version: 8.5.0.0 - Indigo Rose Corporation)
Ayat (HKLM\...\sa.edu.ksa.ayat) (Version: 1.4 - UNKNOWN)
Ayat (Version: 1.4 - UNKNOWN) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 3.26 - Piriform)
Chedot (HKU\S-1-5-21-3481782987-2517284933-296613505-1000\...\Chedot) (Version: 48.0.2564.504 - Chedot Publisher)
Creative Pack Volume 1 (HKLM\...\{05181A78-3BA6-4B63-BCE8-888A4BCAACFA}) (Version: 3.0.2 - Corel Corporation)
Daum PotPlayer 1.5.34665 (HKLM\...\PotPlayer) (Version: - )
Dazzle Video Capture DVC100 X86 Driver 1.08 (HKLM\...\{42CDC6B7-1B50-44A8-83AD-1351FDDF175A}) (Version: 1.08.0000 - Pinnacle)
DLL-Files.com Client (HKLM\...\DA71BA65-680A-4212-9150-6239217B53DC_DLL-Files.c~79141F26_is1) (Version: 2.1.1000.4243 - DLL-Files.com Client)
Euro Truck Simulator 2 (HKLM\...\{1B705E8F-9893-4486-B5D7-4F7FEB9C871E}_is1) (Version: 1.1.1 - SCS Software)
Facebook Video Calling 3.1.0.521 (HKLM\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Fly on Desktop Screensaver 1.2 (HKLM\...\Fly on Desktop Screensaver_is1) (Version: - Drive Software Company)
FormatFactory 2.20 (HKLM\...\FormatFactory) (Version: 2.20 - Free Time)
Foxit Reader (HKLM\...\Foxit Reader_is1) (Version: 6.0.2.413 - Foxit Corporation)
Free PDF to Word Doc Converter v1.1 (HKLM\...\Free PDF to Word Doc Converter_is1) (Version: 1.1 - www.hellopdf.com)
Google Chrome (HKLM\...\Google Chrome) (Version: 51.0.2704.103 - Google Inc.)
Google Update Helper (Version: 1.3.24.15 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.31.5 - Google Inc.) Hidden
Google Earth (HKLM\...\{6F545E5E-4595-11E2-93B6-B8AC6F97B88E}) (Version: 7.0.2.8415 - Google)
GT 7 OrbChanger v1 (HKLM\...\GT 7 OrbChanger_is1) (Version: - )
Hollywood FX Volumes 1-3 (HKLM\...\{E3D181F8-246B-497F-945E-6DB98CBA6677}) (Version: 2.0.1 - Corel Corporation)
HSPA USB Modem (HKLM\...\InstallShield_{06ADE2A0-E46A-4A84-A211-64CF50520185}) (Version: 1.0 - اسم شركتك)
HSPA USB Modem (Version: 1.0 - اسم شركتك) Hidden
iZotope Music & Speech Cleaner (HKLM\...\iZotope Music & Speech Cleaner_is1) (Version: 1.00 - iZotope, Inc.)
Java(TM) 6 Update 18 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83216018FF}) (Version: 6.0.180 - Sun Microsystems, Inc.)
Kaspersky Anti-Virus (HKLM\...\InstallWIX_{77E7AE5C-181C-4CAF-ADBF-946F11C1CE26}) (Version: 16.0.0.614 - Kaspersky Lab)
Kaspersky Anti-Virus (Version: 16.0.0.614 - Kaspersky Lab) Hidden
Malwarebytes Anti-Malware النسخة 2.2.1.1043 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Maxthon Cloud Browser (HKLM\...\Maxthon3) (Version: 4.0.3.3000 - Maxthon International Limited)
Metric Collection SDK 35 (Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office Professional Plus 2007 (HKLM\...\PROPLUS) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.50401.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x86 8.0.61001 (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{b55f7208-e02b-4828-ac78-59c73ddf5bc7}) (Version: 12.0.30501.0 - Корпорация Майкрософт)
MOBICONNECT (HKLM\...\{BCE97917-E58C-41FA-9B53-859E3FDCE924}) (Version: 1.0.0.2 - ZTE Corporation)
MobiConnect (HKLM\...\MobiConnect) (Version: 23.009.17.00.216 - Huawei Technologies Co.,Ltd)
Mobile Broadband HL Service (HKLM\...\Mobile Broadband HL Service) (Version: 22.001.26.01.03 - Huawei Technologies Co.,Ltd)
Mozilla Firefox (fr) (HKLM\...\{64A22291-279E-4050-BABD-C44E61FA4226}) (Version: 3.6.0.0 - FrontMotion)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 19.0a2 - Mozilla)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NewBlue Effects (HKLM\...\{B2609714-EECB-43B8-9DFC-3CBF34C5F92D}) (Version: 2.0.0 - Corel Corporation)
Package de pilotes Windows - Qualcomm Atheros Communications Inc. (athr) Net (03/31/2014 10.0.0.288) (HKLM\...\3B5A3D28E20A4A5A273A03F80EE99DFA1B1CFDE7) (Version: 03/31/2014 10.0.0.288 - Qualcomm Atheros Communications Inc.)
Package de pilotes Windows - Realtek (RTL8167) Net (07/16/2014 7.089.0716.2014) (HKLM\...\24CA17BAB3F954B1A833B29A63A2948537742F75) (Version: 07/16/2014 7.089.0716.2014 - Realtek)
Paint.NET v3.5.4 (HKLM\...\{053B3DA8-91B5-4682-A130-715412A1A252}) (Version: 3.54.0 - dotPDN LLC)
PhotoScape (HKLM\...\PhotoScape) (Version: - )
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.)
Pinnacle Studio 19 - Install Manager (HKLM\...\{891ED714-E54D-4BE1-8DE8-4EE54D9BB402}) (Version: 19.1.10160 - Corel Corporation)
Pinnacle Studio 19 - Standard Content Pack (HKLM\...\{37D4E0DC-B765-4915-86D8-A39433A87B75}) (Version: 19.0 - Corel Corporation)
Pinnacle Studio 19 (HKLM\...\{CF91A83C-B84F-43CE-BCCE-7247E6137173}) (Version: 19.0.1.10160 - Corel Corporation)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7484 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.34 - Piriform)
RogueKiller version 12 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 12 - Adlice Software)
ScoreFitter Volumes 1-2 (HKLM\...\{0FDA9ECA-6DA3-480E-B7A9-76F353AF6B6C}) (Version: 2.0.1 - Corel Corporation)
SHAREit (HKLM\...\SHAREit_is1) (Version: 3.4.0.675 - Lenovo)
Snagit 10.0.1 (HKLM\...\{22FC7536-BE5C-4E88-8069-C24689D34EC5}) (Version: 10.0.1 - TechSmith Corporation)
SuperCopier2 (HKLM\...\SuperCopier2) (Version: - )
TeamViewer 10 (HKLM\...\TeamViewer) (Version: 10.0.36897 - TeamViewer)
Title Extreme (HKLM\...\{F7214014-27EE-4237-9978-2F9D1551559B}) (Version: 2.0.1 - Corel Corporation)
Tweaker GT v1 (HKLM\...\Tweaker GT_is1) (Version: - )
Tweaking.com - Windows Repair (HKLM\...\Tweaking.com - Windows Repair) (Version: 3.6.1 - Tweaking.com)
Tweaks.com Logon Changer (HKLM\...\{12F8EFF0-5C16-473B-99AD-67AB866C3E07}) (Version: 2.0.0 - Advanced PC Media LLC)
Uninstall Tool (HKLM\...\Uninstall Tool_is1) (Version: 3.4.3 - CrystalIDEA Software, Inc.)
VLC media player 2.0.3 (HKLM\...\VLC media player) (Version: 2.0.3 - VideoLAN)
WebcamMax (HKLM\...\WebcamMax) (Version: 7.8.1.6.MultiLanguage - )
WinHTTrack Website Copier 3.44-1 (HKLM\...\WinHTTrack Website Copier_is1) (Version: 3.44.1 - HTTrack)
WinRAR archiver (HKLM\...\WinRAR archiver) (Version: 5.20.1 - win.rar GmbH)
ZDServer (HKLM\...\{C8197F5F-E0DC-44f1-8AF2-1AA5A84F695D}) (Version: 1.0.1.2 - ZTE Corporation)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3481782987-2517284933-296613505-1000_Classes\CLSID\{0002DF01-0000-0000-C000-000000000046}\localserver32 -> C:\Program Files\Maxthon\Bin\Maxthon.exe (Maxthon International ltd.)
CustomCLSID: HKU\S-1-5-21-3481782987-2517284933-296613505-1000_Classes\CLSID\{08244EE6-92F0-47F2-9FC9-929BAA2E7235}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3481782987-2517284933-296613505-1000_Classes\CLSID\{1F486A52-3CB1-48FD-8F50-B8DC300D9F9D}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3481782987-2517284933-296613505-1000_Classes\CLSID\{1FD1FE74-9E3C-4C1C-AEEB-AAB592AD770F}\localserver32 -> C:\Users\Bouhafsi\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-3481782987-2517284933-296613505-1000_Classes\CLSID\{4E77131D-3629-431C-9818-C5679DC83E81}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-3481782987-2517284933-296613505-1000_Classes\CLSID\{5E71E4F3-E8C7-4906-9626-973E418762B6}\InprocServer32 -> C:\Users\Bouhafsi\AppData\Local\Facebook\Update\1.2.205.0\goopdate.dll (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-3481782987-2517284933-296613505-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> "C:\Windows\system32\igfxEM.exe" => No File
CustomCLSID: HKU\S-1-5-21-3481782987-2517284933-296613505-1000_Classes\CLSID\{8B9F5BF4-0407-4BB2-9FED-4C0372DABD00}\localserver32 -> C:\Users\Bouhafsi\AppData\Local\Facebook\Video\Skype\FacebookVideoCallingProxy.exe (Skype Limited)
CustomCLSID: HKU\S-1-5-21-3481782987-2517284933-296613505-1000_Classes\CLSID\{91B16656-8566-41AB-8D94-04D33E5F21D9}\localserver32 -> C:\Users\Bouhafsi\AppData\Local\Chedot\Application\48.0.2564.504\delegate_execute.exe (The Chedot Authors)
CustomCLSID: HKU\S-1-5-21-3481782987-2517284933-296613505-1000_Classes\CLSID\{CBE9C57E-FFA9-4123-8354-AD360D6DD3CC}\InprocServer32 -> C:\Users\Bouhafsi\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CustomCLSID: HKU\S-1-5-21-3481782987-2517284933-296613505-1000_Classes\CLSID\{D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D}\InprocServer32 -> no filepath
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {017A0E29-E17A-4C8D-962B-0729FA36B540} - System32\Tasks\Maxthon Update => C:\Program Files\Maxthon\Bin\mxup.exe [2015-05-08] (Maxthon International ltd.)
Task: {0C5C2A85-6BBB-42FC-815A-20EC16526970} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {216707AC-921D-4B43-80AA-D260864AF9AA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {2C59ECAF-3A27-4640-9F4B-519B05BDD70F} - \Microsoft\Windows\MUI\LPRemove -> No File <==== ATTENTION
Task: {4F9FAA31-CFF0-4B66-AEAD-D6B70FD026C7} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3481782987-2517284933-296613505-1000Core => C:\Users\Bouhafsi\AppData\Local\Facebook\Update\FacebookUpdate.exe [2016-03-25] (Facebook Inc.)
Task: {845BC814-5F02-4620-9FC8-E37EF1DE0AE3} - System32\Tasks\{315C967B-5FFD-4A71-B8F3-B2EC89C79535} => pcalua.exe -a "E:\Camera\جوى الاعاب\Gta San Andreas UP By IsSaM GfX\setup.exe" -d "E:\Camera\جوى الاعاب\Gta San Andreas UP By IsSaM GfX"
Task: {93CE1557-2CC6-4ED6-A183-2C0A68397561} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
Task: {B7C5B7A8-9333-4898-8067-EEC0F54F9DEA} - System32\Tasks\{CB7CD008-F57B-4144-B937-6B949E9DF670} => pcalua.exe -a D:\برامج\QQPlayer_Setup_Arabic_2.exe -d D:\برامج
Task: {C620C951-1662-4C94-A483-C6CE558A0D4F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-12-19] (Piriform Ltd)
Task: {CABAD887-CCB4-4978-9F84-009365D78223} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe
Task: {E0A57EDB-E173-4DDB-BB18-AF0448D5A6CD} - System32\Tasks\{49930226-118D-485B-88EF-A8E4A6444CCD} => pcalua.exe -a D:\برامج\QQPlayer_Setup_1.0.280.202.p1.exe -d D:\برامج
Task: {E58FE08F-61D8-4663-8473-7CCDA97316F3} - System32\Tasks\{02DD9659-373D-435A-9F16-9DE2F0646EF2} => pcalua.exe -a "D:\Users\Abdelghani Bouhafsi\Saved Games\العاب\GTA.III.exe" -d "D:\Users\Abdelghani Bouhafsi\Saved Games\العاب"
Task: {E8E65C26-6BCA-48B7-8968-7EDC571BDE3B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2016-06-27] (Adobe Systems Incorporated)
Task: {E8EAC9DC-A75F-4D5A-A3A2-C1EA819C7A7A} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3481782987-2517284933-296613505-1000UA => C:\Users\Bouhafsi\AppData\Local\Facebook\Update\FacebookUpdate.exe [2016-03-25] (Facebook Inc.)
Task: {F61D3CB9-EB3D-4D57-BC47-605D398FC1EE} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 35 => C:\Program Files\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3481782987-2517284933-296613505-1000Core.job => C:\Users\Bouhafsi\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-3481782987-2517284933-296613505-1000UA.job => C:\Users\Bouhafsi\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\RunUninstallTool_SkipUac.job => C:\Program Files\Uninstall Tool\UninstallTool.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Bouhafsi\Desktop\ملفات سطح المكتب\MOBICONNECT.lnk -> C:\Program Files\Hostless Modem\MOBICONNECT\LaunchWebUI.exe () -> hxxp://m.home/
==================== Loaded Modules (Whitelisted) ==============
2013-04-10 07:58 - 2013-04-10 07:58 - 00276048 _____ () C:\ProgramData\DatacardService\HWDeviceService.exe
2016-08-02 21:04 - 2013-11-14 11:39 - 00656976 _____ () C:\ProgramData\MobiConnect\OnlineUpdate\ouc.exe
2016-08-02 21:04 - 2009-01-10 20:32 - 00011362 _____ () C:\ProgramData\MobiConnect\OnlineUpdate\mingwm10.dll
2016-08-02 21:04 - 2009-06-23 04:42 - 00043008 _____ () C:\ProgramData\MobiConnect\OnlineUpdate\libgcc_s_dw2-1.dll
2016-08-02 21:04 - 2012-10-31 11:11 - 02417152 _____ () C:\ProgramData\MobiConnect\OnlineUpdate\QtCore4.dll
2016-08-02 21:04 - 2012-10-31 11:14 - 01148416 _____ () C:\ProgramData\MobiConnect\OnlineUpdate\QtNetwork4.dll
2016-08-02 21:04 - 2013-11-14 11:39 - 00839680 _____ () C:\ProgramData\MobiConnect\OnlineUpdate\QueryStrategy.dll
2016-08-02 21:04 - 2012-10-31 11:11 - 00398336 _____ () C:\ProgramData\MobiConnect\OnlineUpdate\QtXml4.dll
2015-07-22 14:08 - 2010-03-15 12:28 - 00141824 _____ () C:\Program Files\WinRAR\rarext.dll
2015-07-22 13:43 - 2010-03-12 00:47 - 00043589 _____ () C:\Windows\system32\GTShell.dll
2016-01-01 11:33 - 2012-10-16 07:20 - 00258944 _____ () C:\Program Files\Maxthon\bin\Maxzlib.dll
2016-01-01 11:33 - 2013-01-30 12:21 - 00368440 _____ () C:\Program Files\Maxthon\Addons\CloudsSvc\MxCloudsSvc.dll
2016-01-01 11:33 - 2012-10-16 07:20 - 00258944 _____ () C:\Program Files\Maxthon\Bin\maxzlib.dll
2016-01-01 11:33 - 2012-12-06 12:02 - 03522336 _____ () C:\Program Files\Maxthon\Core\Webkit\avcodec-54.dll
2016-01-01 11:33 - 2012-12-06 12:02 - 00304960 _____ () C:\Program Files\Maxthon\Core\Webkit\avutil-51.dll
2016-01-01 11:33 - 2012-12-06 12:02 - 00452712 _____ () C:\Program Files\Maxthon\Core\Webkit\avformat-54.dll
2016-01-01 11:33 - 2013-01-25 06:50 - 14586808 _____ () C:\Program Files\Maxthon\Core\Webkit\Npplugins\NPSWF32.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:04 - 2015-10-30 18:54 - 00000835 ____N C:\Windows\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3481782987-2517284933-296613505-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Bouhafsi\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: gusvc => 3
MSCONFIG\Services: Lenovo EasyPlus Hotspot => 3
MSCONFIG\Services: Mobile Broadband HL Service => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: ShareItSvc => 3
MSCONFIG\Services: TeamViewer => 2
MSCONFIG\Services: VMware NAT Service => 2
MSCONFIG\Services: VMwareHostd => 2
MSCONFIG\Services: ZDServ => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AntiUsbWormUpdate.lnk => C:\Windows\pss\AntiUsbWormUpdate.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AntiWormUpdate.lnk => C:\Windows\pss\AntiWormUpdate.lnk.CommonStartup
MSCONFIG\startupreg: amzwfzdxrn => wscript.exe //B "C:\Users\Bouhafsi\AppData\Local\Temp\amzwfzdxrn.vbs"
MSCONFIG\startupreg: AntiUsbWorm => C:\Windows\system32\cmd.exe /c start C:\Google\AutoIt3.exe /AutoIt3ExecuteScript C:\Google\googleupdate.a3x & exit
MSCONFIG\startupreg: DesktopIconToy => C:\Program Files\Desktop Icon Toy\DesktopIconToy.exe
MSCONFIG\startupreg: MxDock => C:\Program Files\Maxthon\Modules\MxDock\MxDock.exe
MSCONFIG\startupreg: RTHDVCPL => "C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe" -s
MSCONFIG\startupreg: Speech Recognition => "C:\Windows\Speech\Common\sapisvr.exe" -SpeechUX -Startup
MSCONFIG\startupreg: SuperCopier2.exe => C:\Program Files\SuperCopier2\SuperCopier2.exe
MSCONFIG\startupreg: UCam_Menu => "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\3.0"
MSCONFIG\startupreg: vmware-tray.exe => "C:\Program Files\VMware\VMware Workstation\vmware-tray.exe"
MSCONFIG\startupreg: YouCam Mirror Tray icon => "C:\Program Files\CyberLink\YouCam\YouCamTray.exe" /s
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{278210DE-2455-4A76-8700-143B18E403F1}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{877AAB40-8999-45F9-AEEB-0320E5D3D6B6}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{EB917FCE-6484-45DA-8F58-34F608D26A49}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{C8629BC6-F352-457D-A39A-3D1F9B17EFA7}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [PotPlayer(PotPlayerMini.exe)] => (Allow) C:\Program Files\Daum\PotPlayer\PotPlayerMini.exe
FirewallRules: [{9E666086-E908-4B4A-8E1E-E04DFB5F157C}] => (Allow) C:\Program Files\Daum\PotPlayer\PotPlayerMini.exe
FirewallRules: [{8452B808-E51B-411D-A845-2AC4BABBC395}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [TCP Query User{1D2A5EBB-E80E-4D88-81C5-DEB7C2381C21}D:\program files\aurora\firefox.exe] => (Allow) D:\program files\aurora\firefox.exe
FirewallRules: [UDP Query User{3EFC64EA-B3E3-4A63-8008-93D4A16EAD0E}D:\program files\aurora\firefox.exe] => (Allow) D:\program files\aurora\firefox.exe
FirewallRules: [{8245C501-C40D-4663-9DB3-728E7C9A462A}] => (Allow) C:\Program Files\Maxthon\Bin\Maxthon.exe
FirewallRules: [{D130D978-C132-43C8-AAF0-96A64FD3D8D8}] => (Allow) C:\Program Files\Maxthon\Bin\Maxthon.exe
FirewallRules: [{4E94B7DD-1BD1-4B6B-A53D-74146C6F0F44}] => (Allow) C:\Program Files\Maxthon\Bin\MxUp.exe
FirewallRules: [{587B8977-CAFB-4E3E-8F74-A9CB74B706DC}] => (Allow) C:\Program Files\Maxthon\Bin\MxUp.exe
FirewallRules: [{F76CA289-1C83-4566-8D29-6F79BD23219F}] => (Allow) C:\Program Files\SHAREit\SHAREit\SHAREit.exe
FirewallRules: [{E2031F6D-1086-48EB-82C4-A1283CCE153B}] => (Allow) C:\Program Files\SHAREit\SHAREit\SHAREit.exe
FirewallRules: [{6039EEB0-C78E-40E9-8E4F-0EEFDEEFDC20}] => (Allow) C:\Users\Bouhafsi\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe
FirewallRules: [{2CB27974-43D2-4CF3-ABC2-371344CAE213}] => (Allow) C:\Users\Bouhafsi\AppData\Local\Chedot\Application\chedot.exe
FirewallRules: [{A2F3A852-B226-473C-81A4-1EF0A0625CC3}] => (Allow) C:\Program Files\uTorrent\uTorrent.exe
FirewallRules: [{1A5E723F-7522-44C3-8327-5A4AC2BFB62F}] => (Allow) C:\Program Files\uTorrent\uTorrent.exe
FirewallRules: [{7927BD9B-76B0-468A-A8D0-720CC3C6F62E}] => (Allow) C:\Program Files\Pinnacle\Studio 19\programs\RM.exe
FirewallRules: [{47956894-8E61-4E51-B018-EA58DB524331}] => (Allow) C:\Program Files\Pinnacle\Studio 19\programs\RM.exe
FirewallRules: [{828C112A-AF83-446A-81FF-26FC737AF1B4}] => (Allow) C:\Program Files\Pinnacle\Studio 19\programs\NGStudio.exe
FirewallRules: [{C4011BE1-E33A-4130-A807-999EEE184433}] => (Allow) C:\Program Files\Pinnacle\Studio 19\programs\NGStudio.exe
FirewallRules: [{F8E1742D-D60F-44FC-85CB-CE9DC4D049EB}] => (Allow) C:\Program Files\Pinnacle\Studio 19\programs\UMI.exe
FirewallRules: [{536DA596-65A3-42D6-B73F-3A1F3DCC30DC}] => (Allow) C:\Program Files\Pinnacle\Studio 19\programs\UMI.exe
FirewallRules: [{92180698-2525-4868-B04B-2C5AD9D7163C}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
==================== Restore Points =========================
18-07-2016 19:02:40 نقطة التدقيق المجدولة
27-07-2016 18:34:04 نقطة التدقيق المجدولة
==================== Faulty Device Manager Devices =============
Name: Contrôleur d'hôte extensible Intel(R) USB 3.0
Description: Contrôleur d'hôte extensible Intel(R) USB 3.0
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Intel(R) Corporation
Service: iusb3xhc
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
Name: وحدة تحكم تشفير/إلغاء تشفير PCI
Description: وحدة تحكم تشفير/إلغاء تشفير PCI
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (08/03/2016 06:51:49 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: توقف البرنامج Explorer.EXE الإصدار 6.1.7601.17514 عن التفاعل مع Windows وتم إغلاقه. لمعرفة ما إذا كان يتوفر مزيد من المعلومات حول المشكلة، قم بالاطلاع على محفوظات المشكلة في "مركز الصيانة" من لوحة التحكم.
معرّف العملية: 9f0
وقت بدء التشغيل: 01d1eda3f8816132
وقت الإنهاء: 43
مسار التطبيق: C:\Windows\Explorer.EXE
معرف التقرير: 52d2ec3f-599a-11e6-ada2-201a06e1383f
Error: (08/02/2016 09:09:01 PM) (Source: Google Update) (EventID: 20) (User: Bouhafsi-PC)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http s
Error: (08/02/2016 08:58:34 PM) (Source: Google Update) (EventID: 20) (User: Bouhafsi-PC)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http s
Error: (08/02/2016 12:17:37 PM) (Source: Desktop Window Manager) (EventID: 9020) (User: )
Description: واجهت "إدارة نافذة سطح المكتب" خطأً فادحًا (0x80070008)
Error: (08/02/2016 12:03:18 PM) (Source: Google Update) (EventID: 20) (User: Bouhafsi-PC)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http s
Error: (08/01/2016 12:56:05 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: فشل إنشاء سياق التنشيط لـ "Avid.vfcore,processorArchitecture="*",type="win32",version="1.0.0.0"1".
تعذر العثور على التجميع Avid.vfcore,processorArchitecture="*",type="win32",version="1.0.0.0" التابع.
الرجاء استخدام sxstrace.exe للحصول على تشخيص مفصل.
Error: (08/01/2016 12:28:53 PM) (Source: Google Update) (EventID: 20) (User: Bouhafsi-PC)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http s
Error: (08/01/2016 12:21:30 PM) (Source: Google Update) (EventID: 20) (User: Bouhafsi-PC)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http s
Error: (07/31/2016 07:00:02 PM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: لم تكتمل عملية النسخ الاحتياطي بسبب حدوث خطأ أثناء الكتابة إلى موقع النسخ الاحتياطي G:\. الخطأ: يتعذر العثور على موقع النسخ الاحتياطي أو أنه غير صحيح. راجع إعدادات النسخ الاحتياطي وتحقق من موقع النسخ الاحتياطي. (0x81000006).
Error: (07/31/2016 02:21:05 PM) (Source: Google Update) (EventID: 20) (User: Bouhafsi-PC)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Url=https://www.facebook.com/omaha/update.php
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http s
System errors:
=============
Error: (08/03/2016 06:25:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: فشل بدء تشغيل الخدمة ProductAgentService بسبب الخطأ التالي:
%%2 = يتعذر على النظام العثور على الملف المحدد.
Error: (08/03/2016 06:25:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: فشل بدء تشغيل الخدمة MobiConnect. OUC بسبب الخطأ التالي:
%%1053 = لم تستجب الخدمة لبدء التشغيل أو لطلب عنصر التحكم في الوقت المناسب.
Error: (08/03/2016 06:25:11 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: تم الوصول إلى نهاية المهلة (30000 مللي ثانية) أثناء انتظار اتصال الخدمة MobiConnect. OUC.
Error: (08/03/2016 06:25:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: فشل بدء تشغيل الخدمة ESET Service بسبب الخطأ التالي:
%%2 = يتعذر على النظام العثور على الملف المحدد.
Error: (08/03/2016 06:25:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: فشل بدء تشغيل الخدمة avast! Firewall بسبب الخطأ التالي:
%%2 = يتعذر على النظام العثور على الملف المحدد.
Error: (08/03/2016 06:25:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: فشل بدء تشغيل الخدمة avast! Antivirus بسبب الخطأ التالي:
%%2 = يتعذر على النظام العثور على الملف المحدد.
Error: (08/02/2016 10:48:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: فشل بدء تشغيل الخدمة ProductAgentService بسبب الخطأ التالي:
%%2 = يتعذر على النظام العثور على الملف المحدد.
Error: (08/02/2016 10:48:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: فشل بدء تشغيل الخدمة MobiConnect. OUC بسبب الخطأ التالي:
%%1053 = لم تستجب الخدمة لبدء التشغيل أو لطلب عنصر التحكم في الوقت المناسب.
Error: (08/02/2016 10:48:53 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: تم الوصول إلى نهاية المهلة (30000 مللي ثانية) أثناء انتظار اتصال الخدمة MobiConnect. OUC.
Error: (08/02/2016 10:48:51 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: فشل بدء تشغيل الخدمة ESET Service بسبب الخطأ التالي:
%%2 = يتعذر على النظام العثور على الملف المحدد.
CodeIntegrity:
===================================
Date: 2016-08-02 09:45:46.207
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-08-02 09:45:46.192
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-08-02 09:45:46.192
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-08-02 09:45:46.176
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-08-02 09:45:46.161
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-08-02 09:45:46.161
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-08-02 09:45:46.129
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\KLELAMX86\klelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-08-02 09:45:46.114
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\KLELAMX86\klelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-08-02 09:45:46.114
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\KLELAMX86\klelam.sys because the set of per-page image hashes could not be found on the system.
Date: 2016-08-02 09:45:46.098
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 16.0.0\KLELAMX86\klelam.sys because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: Intel(R) Pentium(R) CPU N3520 @ 2.16GHz
Percentage of memory in use: 74%
Total physical RAM: 1934.36 MB
Available physical RAM: 491.14 MB
Total Virtual: 3868.73 MB
Available Virtual: 1710.14 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:172.69 GB) (Free:118.33 GB) NTFS
Drive d: (bouhafsi Sbaa) (Fixed) (Total:145.51 GB) (Free:65.49 GB) NTFS
Drive e: (Abdelghani Sbaà) (Fixed) (Total:147.46 GB) (Free:21.08 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: C4F6DFFB)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=172.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=147.5 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=145.5 GB) - (Type=OF Extended)
==================== End of Addition.txt ============================